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AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions and listing of claims in the application. 

Listing of Claims 

1 . (Original) A management apparatus for managing a storage network having a 
computer, a storage device and a switch, comprising: 

a controller, an interface connected to said switch and an input interface to be used by 
an administrator, 

wherein when said computer or said storage device is connected to said switch: 
based on information of first and second identifiers of said computer or said storage 
device acquired via said interface from said computer or said storage device connected to said 
switch, information of a correspondence relation acquired from said switch via said interface 
between said second identifier of said computer or said storage device connected to said 
switch, and a third identifier for identifying an interface of said switch connected to said 
computer or said storage device, and information regarding said first identifier for identifying 
said computer or said storage device constituting a predetermined group entered by said 
administrator via said input interface, said third identifier of said switch belonging to said 
predetermined group is specified; and 

in response to inputting of information of a storage area of said storage device and 
information regarding said first identifier of said computer which can use said storage area, 
from said input interface, the input information is sent to said storage device to instruct security 
configuration, information of said third identifier of said switch corresponding to said first 
identifier and information of said predetermined group to which said third identifier belongs is 
derived, and the derived information is sent to said switch to instruct configuration of a virtual 
LAN corresponding to said predetermined group. 

2. (Original) A management apparatus according to claim 1, wherein said first 
identifier is an Internet protocol (IP) address, said second identifier is a MAC address, said 
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third identifier is a port ID, and the information regarding said first identifier is a subnet 
address. 

3. (Original) A management apparatus according to claim 2, wherein said MAC 
address is acquired by sending an ARP command to said computer, and the correspondence 
relation between said MAC address and said port ID is acquired by issuing a Get command of 
SNMP from said switch. 

4. (Original) A management apparatus according to claim 3, wherein connection of 
said computer to said switch is detected upon reception of an SLP packet from said computer 
connected to said switch. 

5. (Original) A management apparatus according to claim 1, wherein the contents of 
an instruction given to said switch is an instruction to add said third identifier to the virtual 
LAN corresponding to said predetermined group. 

6. (Original) A management apparatus according to claim 5, wherein if the virtual 
LAN corresponding to said predetermined group is not configured in said switch, the contents 
of the instruction is an instruction to generate a new virtual LAN corresponding to said 
predetermined group. 

7. (Original) A management apparatus according to claim 6, wherein when said 
computer or said storage device is disconnected from said switch, said switch is instructed to 
delete said third identifier corresponding to said disconnected computer or said disconnected 
storage device from the virtual LAN corresponding to said predetermined group to which said 
disconnected computer or said disconnected storage device belongs. . 

8. (Original) A management apparatus according to claim 7, wherein if said third 
identifier corresponding to said disconnected computer or said disconnected storage device is 
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deleted from said virtual LAN corresponding to said predetermined group and if said computer 
or said storage device belonging to said predetermined group is lost, said switch is instructed to 
delete said virtual LAN itself. 

9. (Original) A switch connectable to a computer and a storage device, comprising: 

a controller, an interface connected to said storage device or said computer and an input 
interface to be used by an administrator, 

wherein when said computer or said storage device is connected to said interface: 

in accordance with information of first and second identifiers of said computer or said 
storage device acquired via said interface from said computer or said storage device connected, 
information of a correspondence relation possessed by said switch between said second 
identifier of said computer or said storage device connected to said switch, and a third identifier 
for identifying an interface of said switch connected to said computer or said storage device, 
and information regarding said first identifier for identifying said computer or said storage 
device constituting a predetermined group entered by said administrator via said input 
interface, said controller identifies said third identifier corresponding to said computer or said 
storage device belonging to said predetermined group; and 

in response to inputting of information of a storage area of said storage device and 
information regarding said first identifier of said computer which can use said storage area, 
from said input interface, input information is sent to said storage device to instruct security 
configuration, information of said third identifier corresponding to said first identifier and 
information of said predetermined group to which said third identifier belongs is derived, a 
virtual LAN corresponding to said predetermined group is configured. 

10. (Original) A storage device connectable to a switch connected to a computer, 
comprising: 

a controller, an interface connected to said switch, an input interface to be used by an 
administrator and a storage area, 

wherein when said computer is connected to said switch: 
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based on information of first and second identifiers of said computer acquired via said 
interface from said computer connected, information of a correspondence relation acquired 
from said switch via said interface between said second identifier of said computer connected 
to said switch and a third identifier for identifying said interface of said switch connected to 
said computer, and information regarding said first identifier for identifying said computer 
constituting a predetermined group entered by said administrator via said input interface, said 
third identifier corresponding to said computer belonging to said predetermined group is 
identified; and 

in response to inputting of information of said storage area and information regarding 
said first identifier of said computer which can use said storage area, from said input interface, 
security configuration is performed, information of said third identifier corresponding to said 
first identifier and information of said predetermined group to which said third identifier 
belongs is derived, and said switch is instructed to configure a virtual LAN corresponding to 
said predetermined group. 

1 1 . (Original) A management method for managing a storage network having a 
computer, a storage device and a switch, comprising the steps of: 

when said computer or said storage device is connected to said switch: 
based on information of first and second identifiers of said computer or said storage 
device acquired from said computer or said storage device connected to said switch, 
information of a correspondence relation acquired from said switch between said second 
identifier of said computer or said storage device connected to said switch, and a third identifier 
for identifying an interface of said switch connected to said computer or said storage device, 
and information regarding said first identifier for identifying said computer and said storage 
device constituting a predetermined group, specifying said third identifier corresponding to 
said computer or said storage device belonging to said predetermined group; and 

based on information of a storage area of said storage device and information regarding 
said first identifier of said computer which can use said storage area, performing security 
configuration by said storage device, extracting information of said third identifier 
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corresponding to said first identifier and information of said predetermined group to which said 
third identifier belongs, and creating through said switch a virtual LAN corresponding to said 
predetermined group. 

12. (Currently Amended) A management method for a storage system having a storage 
device, a switch and a computer respectively connected by a network, comprising the steps of: 

based on setting an identifier of a storage area of said storage device and a first address 
of said computer, performing access control configuration relative to the identifier of said 
storage area for said storage device; and converting the first address of said computer into a 
second address, converting the second address of said computer into an identifier of a port of 
said switch connected to said computer, and adding the identifier of said port to a virtual LAN 
for said switch. 

13. (Currently Amended) A management method for a storage system having a storage 
device, a switch and a computer respectively connected by a network, comprising the steps of: 

based on setting an identifier of a storage area of said storage device and a first address 
of said computer, performing access control configuration for said computer relative to said 
storage area by said storage device; and 

converting the first address of said computer into a second address, converting the 
second address of said computer into an identifier of a port of said switch connected to said 
computer, and adding the identifier of said port to a virtual LAN for said switch. 
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